Even though I opened up the correct port in the Firewall, my Filezilla connection would always fail shortly after connecting.

It would attempt to enter passive mode, and also get a list of the FTP contents, and then the connection would die.

Turns out that by default, the FTP client (filezilla and maybe many others) enter a “Passive” mode when not actively transfering files. However, to do this the client needs to connect to a random port assigned by the server, which for windows FTP server is between 1024 and 5000.

Now, if you don’t want to open up all those ports in your FW, then you can use the instructions here to change the PassivePortRange in the Metabase.xml file.